Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit 7998008
Showing
48 changed files
with
7,786 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
/target | ||
.idea | ||
lib/FLAREclient.jks | ||
*.DS_STORE |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
# FLAREclient Version 2.0.4 | ||
## December 14th, 2015 - Release Changelog | ||
|
||
##### Bug Fixes | ||
|
||
- A bug in which XML was parsed without a namespace restriction was fixed to allow for wildcard namespaces. This was a problem when attempting to parse and save STIX content blocks from TAXII documents. XML with a namespace prefix in the Element tag would not be parsed, and thus would not be saved. | ||
|
||
- An unintended extraneous layer of validation was occurring prior to saving documents in listening mode. The 'listener' HTTP handler validates both TAXII and STIX immediately upon reception. | ||
|
||
###### Clarity | ||
|
||
Various improvements were made for code clarity and readability. Scripts used to run the client were appended with '.sh' to make it more obvious that they are bash scripts. | ||
|
||
###### Efficiency | ||
|
||
Superfluous logic was purged, and an overall improvement to code efficiency was made. Dead or unused code was removed. | ||
|
||
###### Security | ||
|
||
Methods were changed from non-static to static wherever possible, in order to improve efficiency and security. Many fields and methods that were unnecessarily public were made private, and many classes were made package-local. References to passwords were removed from method names and scripts. | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
# general | ||
clientVersion=2.0.3 | ||
connectingToFLARE=true | ||
taxii10NS=http\://taxii.mitre.org/messages/taxii_xml_binding-1 | ||
taxii11NS=http\://taxii.mitre.org/messages/taxii_xml_binding-1.1 | ||
taxiiQuery10NS=http\://taxii.mitre.org/query/taxii_default_query-1 | ||
taxii10serverUrlInbox=https\://FLAREgateway\:8443/flare/taxii/inbox | ||
taxii10serverUrlPoll=https\://FLAREgateway\:8443/flare/taxii/poll | ||
taxii11serverUrlInbox=https\://FLAREgateway\:8443/flare/taxii11/inbox | ||
taxii11serverUrlPoll=https\://FLAREgateway\:8443/flare/taxii11/poll | ||
httpHeaderUserAgent=FLAREclient application | ||
httpHeaderContentType=application/xml | ||
httpHeaderAccept=application/xml | ||
pathToTrustStore=lib/FLAREclient.jks | ||
trustStorePassword= | ||
basePath= | ||
sslDebug=false | ||
|
||
# publisher | ||
pathToPublisherKeyStore=lib/FLAREclient.jks | ||
publisherKeyStorePassword= | ||
publisherKeyName=client | ||
publisherKeyPassword= | ||
stix_cB=urn\:stix.mitre.org\:xml\:1.1.1 | ||
|
||
# subscriber | ||
pathToSubscriberKeyStore=lib/FLAREclient.jks | ||
subscriberKeyStorePassword= | ||
listenerEndpoint=/ | ||
verifyDS=true | ||
verifyAlias=FLAREdsig | ||
#feedName_subId=12345678-90ab-cdef-1234-567890abcdef |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
#!/bin/bash | ||
|
||
FLARECLIENT_HOME="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" | ||
USAGE="Usage: ./hash.sh <propertyName> <value>" | ||
|
||
# if not 2 args, print usage | ||
if [ $# -ne 2 ]; then | ||
echo "$USAGE" | ||
exit 1 | ||
else | ||
PROPERTY=$1 | ||
shift | ||
PASSWORD=$1 | ||
fi | ||
|
||
# some Java parameters | ||
if [ "$JAVA_HOME" != "" ]; then | ||
JAVA_HOME=$JAVA_HOME | ||
fi | ||
|
||
if [ "$JAVA_HOME" = "" ]; then | ||
echo "Searching for JAVA ..." | ||
OUTPUT="$(find / 2>/dev/null -name 'java')" | ||
echo OUTPUT: $OUTPUT | ||
for f in $OUTPUT | ||
do | ||
#echo "Processing $f" | ||
if [[ $f == *bin/java ]] | ||
then | ||
echo Java installed in $f | ||
LEN=${#f} | ||
#echo $LEN | ||
DIFF=`expr $LEN - 9` | ||
#echo $DIFF | ||
JAVA_HOME=${f:0:DIFF} | ||
echo using JAVA_HOME: $JAVA_HOME | ||
export JAVA_HOME | ||
break | ||
fi | ||
done | ||
fi | ||
|
||
JAVA=$JAVA_HOME/bin/java | ||
CLASSPATH="$FLARECLIENT_HOME:$FLARECLIENT_HOME/lib/*" | ||
CLASS=com.bcmcgroup.flare.client.Hash | ||
|
||
exec "$JAVA" -cp "$CLASSPATH" $CLASS $PROPERTY $PASSWORD |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
#!/bin/bash | ||
|
||
# update all OS packages | ||
yum -y update | ||
yum -y install aide | ||
|
||
# update crontab to run aide | ||
echo "" | ||
echo "Configuring & initializing aide..." | ||
crontab -l > /tmp/mycron; | ||
if [ "$(grep aide /tmp/mycron)" == '' ]; then | ||
/usr/sbin/aide --init | ||
ln -s /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz | ||
echo "05 4 * * * root /usr/sbin/aide --check" >> /tmp/mycron | ||
crontab /tmp/mycron | ||
fi | ||
rm -f /tmp/mycron | ||
|
||
# configure audit system | ||
if [ "$(grep FLAREclient /etc/audit/audit.rules)" == '' ]; then | ||
echo "" | ||
echo "Configuring audit system..." | ||
echo "# These four lines have been added by FLAREclient install" >> /etc/audit/audit.rules | ||
echo "-w /sbin/insmod -p x -k modules" >> /etc/audit/audit.rules | ||
echo "-w /sbin/rmmod -p x -k modules" >> /etc/audit/audit.rules | ||
echo "-w /sbin/modprobe -p x -k modules" >> /etc/audit/audit.rules | ||
echo "-a always,exit -f arch=b64 -S init_module -S delete_module -k modules" >> /etc/audit/audit.rules | ||
fi | ||
|
||
# adjust permissions on boot.log | ||
echo "" | ||
echo "Adjusting permissions on boot.log" | ||
chmod 0600 /var/log/boot.log | ||
|
||
# override ctrl-alt-delete | ||
echo "" | ||
echo "Overriding control-alt-delete..." | ||
echo -e "start on control-alt-delete\n\nexec /usr/bin/logger -p security.info \"Control-Alt-Delete pressed\"" > /etc/init/control-alt-delete.override | ||
|
||
# add "monitored" email address to /etc/aliases | ||
echo "" | ||
echo "Adding 'monitored' email address to /etc/aliases..." | ||
echo "root: dte-operations@cert.org" >> /etc/aliases | ||
newaliases | ||
|
||
echo "Done!" |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,194 @@ | ||
|
||
Unlimited Strength Java(TM) Cryptography Extension Policy Files | ||
for the Java(TM) Platform, Standard Edition Runtime Environment 7 | ||
|
||
README | ||
|
||
---------------------------------------------------------------------- | ||
CONTENTS | ||
---------------------------------------------------------------------- | ||
|
||
o Introduction | ||
o License and Terms | ||
o Understanding The Export/Import Issues | ||
o Where To Find Documentation | ||
o Installation | ||
o Questions, Support, Reporting Bugs | ||
|
||
|
||
---------------------------------------------------------------------- | ||
Introduction | ||
---------------------------------------------------------------------- | ||
|
||
Thank you for downloading the Unlimited Strength Java(TM) Cryptography | ||
Extension (JCE) Policy Files for the Java(TM) Platform, Standard | ||
Edition (Java SE) Runtime Environment 7. | ||
|
||
Due to import control restrictions of some countries, the version of | ||
the JCE policy files that are bundled in the Java Runtime Environment, | ||
or JRE(TM), 7 environment allow "strong" but limited cryptography to be | ||
used. This download bundle (the one including this README file) | ||
provides "unlimited strength" policy files which contain no | ||
restrictions on cryptographic strengths. | ||
|
||
Please note that this download file does NOT contain any encryption | ||
functionality as all such functionality is contained within Oracle's | ||
JRE 7. This bundles assumes that the JRE 7 has already been installed. | ||
|
||
|
||
---------------------------------------------------------------------- | ||
License and Terms | ||
---------------------------------------------------------------------- | ||
|
||
This download bundle is part of the Java SE Platform products and is | ||
governed by same License and Terms notices. These notices can be found | ||
on the Java SE download site: | ||
|
||
http://www.oracle.com/technetwork/java/javase/documentation/index.html | ||
|
||
|
||
---------------------------------------------------------------------- | ||
Understanding The Export/Import Issues | ||
---------------------------------------------------------------------- | ||
|
||
JCE for Java SE 7 has been through the U.S. export review process. The | ||
JCE framework, along with the various JCE providers that come standard | ||
with it (SunJCE, SunEC, SunPKCS11, SunMSCAPI, etc), is exportable. | ||
|
||
The JCE architecture allows flexible cryptographic strength to be | ||
configured via jurisdiction policy files. Due to the import | ||
restrictions of some countries, the jurisdiction policy files | ||
distributed with the Java SE 7 software have built-in restrictions on | ||
available cryptographic strength. The jurisdiction policy files in this | ||
download bundle (the bundle including this README file) contain no | ||
restrictions on cryptographic strengths. This is appropriate for most | ||
countries. Framework vendors can create download bundles that include | ||
jurisdiction policy files that specify cryptographic restrictions | ||
appropriate for countries whose governments mandate restrictions. Users | ||
in those countries can download an appropriate bundle, and the JCE | ||
framework will enforce the specified restrictions. | ||
|
||
You are advised to consult your export/import control counsel or | ||
attorney to determine the exact requirements. | ||
|
||
|
||
---------------------------------------------------------------------- | ||
Where To Find Documentation | ||
---------------------------------------------------------------------- | ||
|
||
The following documents may be of interest to you: | ||
|
||
o The Java(TM) Cryptography Architecture (JCA) Reference Guide at: | ||
|
||
http://download.oracle.com/javase/7/docs/technotes/guides/security | ||
|
||
o The Java SE Security web site has more information about JCE, | ||
plus additional information about the Java SE Security Model. | ||
Please see: | ||
|
||
http://www.oracle.com/technetwork/java/javase/tech/index-jsp-136007.html | ||
|
||
|
||
---------------------------------------------------------------------- | ||
Installation | ||
---------------------------------------------------------------------- | ||
|
||
Notes: | ||
|
||
o Unix (Solaris/Linux) and Windows use different pathname separators, | ||
so please use the appropriate one ("\", "/") for your environment. | ||
|
||
o <java-home> (below) refers to the directory where the JRE was | ||
installed. It is determined based on whether you are running JCE | ||
on a JRE or a JRE contained within the Java Development Kit, or | ||
JDK(TM). The JDK contains the JRE, but at a different level in the | ||
file hierarchy. For example, if the JDK is installed in | ||
/home/user1/jdk1.7.0 on Unix or in C:\jdk1.7.0 on Windows, then | ||
<java-home> is: | ||
|
||
/home/user1/jdk1.7.0/jre [Unix] | ||
C:\jdk1.7.0\jre [Windows] | ||
|
||
If on the other hand the JRE is installed in /home/user1/jre1.7.0 | ||
on Unix or in C:\jre1.7.0 on Windows, and the JDK is not | ||
installed, then <java-home> is: | ||
|
||
/home/user1/jre1.7.0 [Unix] | ||
C:\jre1.7.0 [Windows] | ||
|
||
o On Windows, for each JDK installation, there may be additional | ||
JREs installed under the "Program Files" directory. Please make | ||
sure that you install the unlimited strength policy JAR files | ||
for all JREs that you plan to use. | ||
|
||
|
||
Here are the installation instructions: | ||
|
||
1) Download the unlimited strength JCE policy files. | ||
|
||
2) Uncompress and extract the downloaded file. | ||
|
||
This will create a subdirectory called jce. | ||
This directory contains the following files: | ||
|
||
README.txt This file | ||
local_policy.jar Unlimited strength local policy file | ||
US_export_policy.jar Unlimited strength US export policy file | ||
|
||
3) Install the unlimited strength policy JAR files. | ||
|
||
In case you later decide to revert to the original "strong" but | ||
limited policy versions, first make a copy of the original JCE | ||
policy files (US_export_policy.jar and local_policy.jar). Then | ||
replace the strong policy files with the unlimited strength | ||
versions extracted in the previous step. | ||
|
||
The standard place for JCE jurisdiction policy JAR files is: | ||
|
||
<java-home>/lib/security [Unix] | ||
<java-home>\lib\security [Windows] | ||
|
||
|
||
----------------------------------------------------------------------- | ||
Questions, Support, Reporting Bugs | ||
----------------------------------------------------------------------- | ||
|
||
Questions | ||
--------- | ||
|
||
For miscellaneous questions about JCE usage and deployment, we | ||
encourage you to read: | ||
|
||
o Information on the Java SE Security web site | ||
|
||
http://www.oracle.com/technetwork/java/javase/tech/index-jsp-136007.html | ||
|
||
o The Oracle Online Community Forums, specifically the Java | ||
Cryptography forum. The forums allow you to tap into the | ||
experience of other users, ask questions, or offer tips to others | ||
on a variety of Java-related topics, including JCE. There is no | ||
fee to participate. | ||
|
||
http://forums.oracle.com/ | ||
http://forums.oracle.com/forums/forum.jspa?forumID=964 (JCE | ||
forum) | ||
|
||
|
||
Support | ||
------- | ||
|
||
For more extensive JCE questions or deployment issues, please contact | ||
our Technical Support staff at: | ||
|
||
http://support.oracle.com | ||
|
||
|
||
Reporting Bugs | ||
-------------- | ||
|
||
To report bugs (with sample code) or request a feature, please see: | ||
|
||
http://bugreport.sun.com/bugreport/ | ||
|
||
Bug reports with specific, reproducible test cases are greatly | ||
appreciated! |
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Oops, something went wrong.